Limit Attempts

Protect WordPress website against brute force attacks. Limit rate of login attempts.

Limit Attempts plugin is a security solution for WordPress which protects your website from spam and brute-force attacks. Limit the number of failed login attempts per user and block user IP for a certain period of time based on your settings. This will stop automated scripts to gеnеrаtе a lаrgе numbеr оf different combinations and hack your website.

Manage deny and allow lists, receive email notifications, hide website forms for blocked or added to the deny list IPs, and other advanced features which guarantee safety of your data.

Documentation & Videos

User Guide
Brief Overview
Instruction on Installation

Free Features

  • Automatically block IP addresses that exceed limit login attempts
  • Automatically add IP addresses that exceed blocks limit to the deny list
  • Manually add IP addresses to:
    • Deny list
    • Allow list
  • Compatible with Contact Form:
    • Set the time interval for letters sending
    • Set the number of emails sent per indicated time interval
  • Hide login, register, lost password forms for blocked or added to the deny list IPs
  • Add denylisted IP address to the htaccess file with Htaccess
  • Consider incorrect captcha as a failed login attempt with Captcha
  • Manage your statistics list with:
    • IP address
    • Number of failed attempts
    • Number of blockings
    • Status
  • Customize error messages for:
    • Invalid attempt
    • Blocked user
    • Denylisted user
  • Send customizable notifications about blocked and deny listed users to:
    • User email
    • Custom email
  • Compatible with latest WordPress version
  • Incredibly simple settings for fast setup without modifying code
  • Detailed step-by-step documentation and videos
  • Multilingual and RTL ready

Pro Features

  • Add IP address ranges or IP masks to deny and allow lists
  • Add certain country’s IP addresses to the deny and allow lists – GeoIP database
  • Add email address or email domain to the deny and allow lists
  • Manage total number of failed attempts with blocked list additional option
  • Manage deny and allow lists with extended options:
    • Country
    • Range from
    • Range to
    • Reason
  • Compatible with Captcha Pro and Captcha Plus:
    • Consider the incorrect captcha input as an invalid attempt for the forms compatible with Captcha
  • Compatible with reCaptcha:
    • Consider failed reCaptcha validation as an invalid attempt for the forms compatible with reCaptcha plugin
  • Set the option for non-existent username log in:
    • According to time and login attempts set for Block- and Deny list
    • Block IP immediately
    • Add IP to Deny list immediately
  • Manage your log tab with:
    • IP address
    • Username
    • Password
    • Internet Hostname
    • Event
    • Form
    • Event time
  • Summary diagram with login attempts statistic and prevented hacking attempts in the settings page and in a dashboard widget
  • Configure all subsites on the network
  • Get answer to your support question within one business day (Support Policy)

3 Translations Available

We are constantly update the existing translations and add new to the list.

Upgrade to Limit Attempts Pro...

Protect WordPress website against brute force attacks. Limit rate of login attempts.

Annual $27 Per domain, per year
  • All Premium Features
  • Updates for One Year
  • Renews Until Canceled
  • Top Priority Support
Perpetual $240 Per domain, forever
  • All Premium Features
  • Perpetual Updates
  • One-Time Payment
  • Premium Personal Support
Membership $250 Per domain, per year
  • All Premium Plugins
  • Access to All Updates
  • Renews Until Canceled
  • Premium Personal Support